INFORMATION AND NETWORK SECURITY

[As per Choice Based Credit System (CBCS) scheme]

SEMESTER – V

Course Code : 23CA3501 Credits : 03

Hours / Week : 03 Hours Total Hours : 45 Hours

L–T–P : 3–0–0

Prerequisites:
Familiarity with operating systems (Windows, Linux, etc.), basics of networking
concepts, and Awareness of the importance of cyber security.

Learning Objectives:

The objectives of the Course are:

1.​ To understand the fundamentals of Cryptography
2.​ To acquire knowledge on standard algorithms used to provide confidentiality,
integrity​ and authenticity.
3.​ To understand the various key distribution and management schemes.
4.​ To understand how to deploy encryption techniques to secure data in transit
across data networks
5.​ To design security applications in the field of Information technology

Teaching-Learning Process (General Instructions):

These are sample new pedagogical methods, where teachers can use to accelerate the
attainment of the various course outcomes.
1. Lecture method means it includes not only traditional lecture methods, but
different types of teaching methods may be adopted to develop the course
outcomes.
2. Interactive Teaching: Adopt the Active learning that includes brainstorming,
discussing, group work, focused listening, formulating questions, note taking,
annotating, and roleplaying.
3. Show Video/Animation films to explain functioning of various concepts.
4. Encourage Collaborative (Group Learning) Learning in the class.
5. To make Critical thinking, ask at least three Higher order Thinking questions
in the class.
6. Adopt Problem Based Learning, which fosters students’ Analytical skills,
develop thinking skills such as the ability to evaluate, generalize, and analyse
information rather than simply recall it.
7. Show the different ways to solve the same problem and encourage the
students to come up with their own creative ways to solve them.
8. Discuss how every concept can be applied to the real world - and when that's
possible, it helps improve the students' understanding

UNIT 1
9 Hours
Introduction
An Overview of Computer Security-Security Services-Security Mechanisms-Security
Attacks-Access Control Matrix, Policy-Security policies, Confidentiality policies, Integrity
policies and Hybrid policies. (T1 - Ch.1)
UNIT 2
9 Hours
CRYPTOSYSTEMS & AUTHENTICATION
Classical Cryptography-Substitution Ciphers-permutation Ciphers-Block Ciphers - DES
Modes of Operation- AES-Linear Cryptanalysis, Differential Cryptanalysis- Hash
Function - SHA 512- Message Authentication Codes-HMAC - Authentication Protocols
(T1 - Ch 2, Ch 3)
UNIT 3
9 Hours

Introduction to Public key Cryptography- Number theory- The RSA Cryptosystem and
Factoring Integer- Attacks on RSA-- Digital Signature Algorithm-Finite Fields-Elliptic
Curves Cryptography- Key management – Session and Interchange keys, Key exchange
and generation-PKI (T1 - Ch 8, Ch 9)
UNIT 4
9 Hours
SYSTEM IMPLEMENTATION
Design Principles, Representing Identity, Access Control Mechanisms, Information Flow
and Confinement Problem, Secure Software Development: Secured Coding -
OWASP/SANS Top Vulnerabilities -Buffer Overflows - Incomplete mediation - XSS - Anti
Cross Site Scripting Libraries - Canonical Data Format - Command Injection -
Redirection – Inference – Application Controls. (T2 - Ch 14 )
UNIT 5
9 Hours
NETWORK SECURITY
Secret Sharing Schemes-Kerberos- Pretty Good Privacy (PGP)-Secure Socket Layer
(SSL)- Intruders – HIDS- NIDS - Firewalls – Viruses. (T1 - Ch 14, Ch 15)

Bloom’s
Course
Description Taxonomy
Outcome
Level
At the end of the course the student will be able to:

CO1 Explain fundamental concepts of computer L2

security, including security services, mechanisms,
and attacks.
CO2 Demonstrate the use of classical and modern L3
cryptography techniques, including substitution and
block ciphers
Examine the principles of public key cryptography,
CO3 including RSA, elliptic curve cryptography, and L4
digital signature algorithms. Analyze key
management processes and their role in ensuring
secure communication.
Apply secure software development principles to
CO4 mitigate vulnerabilities like buffer overflows, XSS, L5
and command injection. Design and implement
secure systems using OWASP and SANS standards.

CO5 Analyze network security frameworks like L2

Kerberos, SSL, and PGP. Evaluate the effectiveness of
intrusion detection systems (HIDS and NIDS),
firewalls, and secret sharing schemes in protecting
networks from threats.
COs Program Outcomes (POs) PSOs
1 2 3 4 5 6 7 8 9 10 1 2 3 4 5
CO1 3 3 3 1

CO2 3 3 3 1
CO3 3 3 3 1
CO4 3 3 3 1
CO5 3 3 2 1

3: Substantial (High)​ 2: Moderate (Medium) 1:Poor(Low)

TEXT BOOKS:
1.​ William Stallings, “Cryptography and Network Security: Principles and
Practices”, Seventh Edition, Pearson Education,2023
2.​ Matt Bishop ,“Computer Security art and science ”, Second Edition, Pearson
Education, 2022

REFERENCE BOOKS:
1.​ Wade Trappe and Lawrence C. Washington, “Introduction to Cryptography
with Coding Theory” Third Edition, Pearson Education, 2021
2.​ Jonathan Katz, and Yehuda Lindell, Introduction to Modern Cryptography,
CRC Press, Third Edition, 2021
3.​ Douglas R. Stinson, “Cryptography Theory and Practice”, Third Edition,
Chapman
& Hall/CRC, 2nd Edition, 2014
4.​ Wenbo Mao, “Modern Cryptography – Theory and Practice”, Pearson
Education,
First Edition, 2006.
5.​ Network Security and Cryptography, Menezes Bernard, Cengage Learning,
New Delhi, 2011

E-Resources:

1.​ [Link]

2.​ [Link]
twork- security-9896
Activity Based Learning (Suggested Activities in Class)
1.​ Demonstration of solutions to a problem through programming.
2.​ Flip class activity

*************************************
 INFORMATION AND NETWORK SECURITY LAB
[As per Choice Based Credit System (CBCS) scheme]

SEMESTER – V
Course Code : 23CA3502 Credits : 01
Hours / : 02 Hours Total Hours : 20 Hours
Week
L–T–P : 0–0–2

Course Learning Objectives:

Upon completion of this course, students will be able to:

1.​ Apply fundamental security concepts and principles in practical scenarios.

2.​ Implement basic cryptographic techniques for data confidentiality and
integrity.
3.​ Analyze network vulnerabilities and potential security threats.
4.​ Configure and utilize common network security tools and techniques.
5.​ Evaluate the security implications of various network configurations and
protocols.
6.​ Develop a basic understanding of security best practices and policies.
7.​ Troubleshoot common security issues in network and system environments.
8.​ Experiment with different security mechanisms for protecting data and
networks.

List of Experiments
1. Write a program to implement Caesar Cipher Encryption-Decryption.
2. Write a program to implement Playfair Cipher
3. Write a program to implement Hill Cipher.
4. Write a program to implement Vigenere Cipher.
5. Write a program to implement Rail Fence transposition technique.
6. Write a program to implement RSA Algorithm.
7. Write a program to implement Diffie-Hellman key exchange algorithm.
 Bloom’s
Course
Taxono
Outcom Description
my
e
Level
At the end of the course the student will be able to:

CO1: Demonstrate the practical application of core information

1 security concepts like confidentiality, integrity, and availability. L5

CO2: Implement and analyze the working of symmetric and

2 asymmetric cryptographic algorithms. L3

CO3: Identify common network security threats and vulnerabilities,

3 and apply tools to detect them. L3

CO4: Configure and evaluate the functionality of key exchange

4 algorithms L4

5 CO5: Apply secure configuration practices for network devices. L3

**********************************